LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Tunneling & Timeouts

To: Peter Kese <peter.kese@xxxxxx>
Subject: Re: Tunneling & Timeouts
Cc: linux-virtualserver@xxxxxxxxxxxx
From: Joseph Mack <mack@xxxxxxxxxxx>
Date: Wed, 3 Feb 1999 11:28:19 -0500 (EST)
On Wed, 3 Feb 1999, Peter Kese wrote:

> 
> Let's suppose I set up a tunneling VS configuration for a web or proxy
> server. Clients send the requests (through the VS router) and the
> servers reply directly to clients. When the transfer is finished, the
> server closes the TCP socket. That means it sends an IP packet to the
> client to notify it that the socket had been closed. But this IP packet
> does not get intercepted by the VS and the masquerading entry remains in
> the hash table and stays there for the next 15 minutes until the
> TCP/masq timeout mechanism decides the connection is dead.
> 
> Am I right?
> 
> If I am, than we might be in trouble. In a web proxy configuration, the
> amount of hourly requests easily exceeds 100000 requests per hour. That
> means that in each moment there would be 25000 'zombie' masquerading
> entries messing up the hash table.

websites like CNN's news server run out of sockets unless they
change the timeout for the socket_close (2mins default
I believe, they set it to 30secs). I heard this at a talk
by someone from CNN (I think)

Joe
--
Joseph Mack mack@xxxxxxxxxxx


<Prev in Thread] Current Thread [Next in Thread>